Following a series of attempted intrusions by North Korean cyber operatives, Coinbase has announced comprehensive revisions to its internal security protocols. Remote-work arrangements will now be augmented by mandatory on-site training at US offices. Employees granted access to critical systems must hold US citizenship and undergo biometric fingerprint screening. These steps aim to close vulnerabilities exploited by state-sponsored actors seeking to compromise customer data and exchange infrastructure.
CEO Brian Armstrong highlighted the unusual recruitment tactics used by North Korean intelligence services, which dispatch highly trained IT specialists under the guise of freelance contractors. “These actors are often coerced, with family members at risk,” Armstrong said in a podcast interview. He underscored the necessity of bolstering human-layer defenses alongside technical safeguards such as enhanced network segmentation and real-time anomaly detection. Coinbase’s security team will coordinate with US law enforcement to track and prosecute malign requests for employment as part of ongoing digital threat investigations.
In June, data breaches at several cryptocurrency platforms exposed personal details of high-value customers, underscoring the potential for physical risk stemming from leaked home addresses and account balances. Coinbase now plans regular security audits, expanded phishing education, and mandatory cybersecurity certifications for technical staff. The exchange’s move signals a shift in industry practices, recognizing that human factors remain a prime target for sophisticated cyber campaigns. With North Korean exploitation attempts on the rise, Coinbase joins a growing number of firms prioritizing workforce integrity in their defence strategies.
Comments (0)